US7251823B2 - Enterprise access configuration - Google Patents

Enterprise access configuration Download PDF

Info

Publication number
US7251823B2
US7251823B2 US10/323,138 US32313802A US7251823B2 US 7251823 B2 US7251823 B2 US 7251823B2 US 32313802 A US32313802 A US 32313802A US 7251823 B2 US7251823 B2 US 7251823B2
Authority
US
United States
Prior art keywords
server
enterprise
security file
network device
wireless network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related, expires
Application number
US10/323,138
Other versions
US20040117656A1 (en
Inventor
Joseph Peter Robert Tosey
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SIERRA WIRELESS Inc
Sierra Wireless Inc
Original Assignee
Sierra Wireless Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sierra Wireless Inc filed Critical Sierra Wireless Inc
Assigned to SIERRA WIRELESS, INC. reassignment SIERRA WIRELESS, INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: TOSEY, JOSEPH PETER ROBERT
Priority to US10/323,138 priority Critical patent/US7251823B2/en
Priority to CA002510023A priority patent/CA2510023A1/en
Priority to AU2003289783A priority patent/AU2003289783A1/en
Priority to DE60312887T priority patent/DE60312887T2/en
Priority to CNB2003801063328A priority patent/CN100553252C/en
Priority to EP03782032A priority patent/EP1574006B1/en
Priority to AT03782032T priority patent/ATE358386T1/en
Priority to PCT/CA2003/001964 priority patent/WO2004056062A2/en
Priority to ES03782032T priority patent/ES2285222T3/en
Publication of US20040117656A1 publication Critical patent/US20040117656A1/en
Priority to US11/888,218 priority patent/US7827604B2/en
Publication of US7251823B2 publication Critical patent/US7251823B2/en
Application granted granted Critical
Expired - Fee Related legal-status Critical Current
Adjusted expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272Virtual private networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/58Message adaptation for wireless communication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources

Definitions

  • the present invention relates to the field of computer networks. More particularly, the present invention relates to enterprise access configuration for wireless remote email access.
  • Mobile devices such as cellular phones and personal digital assistants (PDAs) have been growing in popularity for many years.
  • Laptop computers have been popular for many years.
  • wireless email access has been made available for laptop computers, cellular phones, and personal digital assistants. With wireless email access, a user may send and receive email remotely using a wireless Internet connection.
  • Enterprise users are potentially a huge market for wireless email access.
  • Enterprises such as large companies, have a high need for instant communication and commonly business is conducted via email.
  • an end-user purchases a wireless device to use in conjunction with a desktop computer.
  • Wireless email redirector software is placed on the desktop. This software monitors mail that comes into the mail server destined for the user's mailbox, and then securely forwards it to his device.
  • This solution is not under control of the enterprise.
  • the enterprise may have internal policies that require the deletion of received email after 90 days.
  • the enterprise can no longer ensure that the email is deleted after 90 days.
  • Another drawback of this first scenario is that it only works for email. Furthermore, it requires that a desktop computer be left behind. This, however, is not possible for professionals who use a single laptop computer at the office and when they travel.
  • an enterprise Information Technology (IT) manager selects and installs a solution for end-users.
  • This entails either a dedicated mail server process or integration with a hosted Active Server Pages (ASP) service.
  • ASP Active Server Pages
  • a mail server is a major IT project, possibly requiring a new dedicated forwarding server, an email server upgrade, and installation of other significant applications.
  • an email server using MicrosoftTM approach requires the installation of ActiveDirectory and Exchange 2000 before installing their Mobile Information Server. It also is quite expensive.
  • a hosted service may require a new supplier relationship. There also may need to be a complicated connection between the remote access provider and the wireless ASP service. Complex mail routing is required, introducing potential security risks. This solution also works only for email.
  • the present invention provides a solution in which a script containing general security parameters and access policies in a file is placed on an appropriate internal server.
  • the location of the script may then be stored on an external server.
  • an end-user within the organization decides to purchase a wireless network device, he may attach it to his existing computer.
  • the computer then may retrieve the security file location from the external server, retrieve the security file from the internal server using the security file location, and program the security file into the wireless device.
  • FIG. 1 is a diagram illustrating a system in accordance with a specific embodiment of the present invention.
  • FIG. 2 is a diagram illustrating a system for accessing an enterprise in accordance with an embodiment of the present invention.
  • FIG. 3 is a flow diagram illustrating a method for configuring access from a wireless network device to an enterprise in accordance with an embodiment of the present invention.
  • FIG. 4 is a flow diagram illustrating a method for accessing an enterprise from a wireless network device using a computer, in accordance with an embodiment of the present invention.
  • FIG. 5 is a block diagram illustrating an apparatus for configuring access from a wireless network device to an enterprise in accordance with an embodiment of the present invention.
  • the components, process steps, and/or data structures may be implemented using various types of operating systems, computing platforms, computer programs, and/or general purpose machines.
  • devices of a less general purpose nature such as hardwired devices, field programmable gate arrays (FPGAs), application specific integrated circuits (ASICs), or the like, may also be used without departing from the scope and spirit of the inventive concepts disclosed herein.
  • the present invention provides a solution in which a script containing general security parameters and access policies in a file is placed on an appropriate internal server.
  • the location of the script may then be stored on an external server.
  • an end-user within the organization decides to purchase a wireless network device, he may attach it to his existing computer.
  • the computer then may retrieve the security file location and/or the security file access protocol from the external server, retrieve the security file from the internal server using the security file location and/or the security file access protocol, and program the security file into the wireless device.
  • FIG. 1 is a diagram illustrating a system in accordance with a specific embodiment of the present invention.
  • a person capable of understanding the remote access procedures and security parameters for an organization may place a script containing general security parameters and access policies in a file on an appropriate internal server 100 using an IT computer 102 .
  • the file may have read-only access to prevent unauthorized changes.
  • a “wizard” may be provided to simplify the creation of this configuration script.
  • Many different types of servers may be used as an internal sever 100 including, but not limited to, file servers, database servers, or web servers.
  • the location of the script may then be stored on an external server 104 .
  • This server may be owned by any of a variety of companies.
  • the location may be represented through a Microsoft UNC, Internet URL, and XQL database query or any other means appropriate to identify the server and file.
  • Each file may be associated with an email domain that covers email addresses routed to the organization (e.g., “@company.com”).
  • the security file access protocol may also be stored on the external sever 104 .
  • an end-user within the organization may decide to purchase a wireless network device 106 that he desires to access email with. He may query the external server 104 to determine whether his email address is supported. If so, he may purchase the wireless network device and attach it to a laptop behind a firewall. At this time, if the email address is not supported, the operator of the external server may decide to support the email address by configuring the system to work with the email address. For example, the user may have email address of employee@company.com. If a previous employee with that company was configured to work with the system, then it may be that all employees with that company have been configured and all that is necessary is for the user to retrieve that configuration. However, if this is the first employee with that company to attempt access, the external server may configure that employee, at which point all employees with the email domain company.com will be configured.
  • the laptop 108 may then retrieve the security file location and/or security file access protocol from the server, retrieve the security file, and then program the security file into the wireless device, which has been coupled to the laptop. He also may then enter the remaining personal security parameters (e.g., personal account name and password). The device may now access the corporate network directly when outside the firewall, using these parameters.
  • This solution allows any form of access to be configured: push messaging, enterprise-based instant messaging, intranet web browsing, intranet file access, intranet application access, virtual private network (VPN) access, VPN key distribution, etc.
  • FIG. 2 is a diagram illustrating a system for accessing an enterprise in accordance with an embodiment of the present invention.
  • email access may be coordinated using a virtual private network (VPN) server 202 which allows access to an email server 204 .
  • VPN virtual private network
  • FIG. 3 is a flow diagram illustrating a method for configuring access from a wireless network device to an enterprise in accordance with an embodiment of the present invention.
  • an email address may be received from a user having the wireless network device. This email address may then be checked against a database having domains currently supported by the enterprise to determine whether a security file exists. If one does not, the system may choose to deny the request for access or to create a security file unique to a domain covering the email address.
  • a security file location and/or a security file access protocol may be retrieved from a server external to the enterprise.
  • a security file may be retrieved from a server internal to the enterprise using the security file location and/or the security file access protocol.
  • the server internal to the enterprise may be, for example, a web server, file server, database server, etc.
  • the security file may be programmed into the wireless network device.
  • any remaining security parameters may be forwarded to the wireless network device.
  • communication may be received from the wireless network device to an access server internal to the enterprise, the communication sent using a configuration stored in the security file.
  • the access server may be, for example, an email server, a push messaging server, an instant messaging server, an intranet web browsing server, an intranet file access server, and intranet application access server, a virtual private network (VPN) access server, a VPN key distribution server, etc.
  • VPN virtual private network
  • FIG. 4 is a flow diagram illustrating a method for accessing an enterprise from a wireless network device using a computer, in accordance with an embodiment of the present invention.
  • an email address from a user having the wireless network device may be sent to a server internal to the enterprise. This allows the server to verify whether a security file for the domain covering the user's email address exists, and if not, create one.
  • a security file location and/or a security file access protocol may be retrieved from a server external to the enterprise.
  • a security file may be retrieved from a server internal to the enterprise using the security file location and/or security file access protocol.
  • the server internal to the enterprise may be, for example, a web server, file server, database server, etc.
  • the wireless network device may be coupled to the computer.
  • the security file may be programmed into the wireless network device.
  • any remaining security parameters may be forwarded to the wireless network device.
  • communication may be sent from the wireless network device to an access server internal to the enterprise, the communication sent using a configuration stored in the security file.
  • the access server may be, for example, an email server, a push messaging server, an instant messaging server, an intranet web browsing server, an intranet file access server, and intranet application access server, a virtual private network (VPN) access server, a VPN key distribution server, etc.
  • VPN virtual private network
  • FIG. 5 is a block diagram illustrating an apparatus for configuring access from a wireless network device to an enterprise in accordance with an embodiment of the present invention.
  • a security file location external server retriever 500 may retrieve a security file location from a server external to the enterprise.
  • a security file access protocol retriever 502 may retrieve a security file access protocol from the server external to the enterprise.
  • a security file internal server retriever 504 coupled to the security file location external server retriever 500 and to the security file access protocol retriever 502 may retrieve a security file from a server internal to the enterprise using the security file location and/or the security file access protocol.
  • the server internal to the enterprise may be, for example, a web server, file server, database server, etc.
  • a security file wireless network device programmer 506 coupled to the security file internal server retriever 504 may program the security file into the wireless network device.
  • a remaining security parameters wireless network device forwarder 508 coupled to the security file internal server retriever 504 may forward any remaining security parameters to the wireless network device.

Abstract

The present invention provides a solution in which a script containing general security parameters and access policies in a file is placed on an appropriate internal server. The location of the script may then be stored on an external server. When an end-user within the organization decides to purchase a wireless network device, he may attach it to his existing computer. The computer then may retrieve the security file location from the external server, retrieve the security file from the internal server using the security file location, and program the security file into the wireless device.

Description

FIELD OF THE INVENTION
The present invention relates to the field of computer networks. More particularly, the present invention relates to enterprise access configuration for wireless remote email access.
BACKGROUND OF THE INVENTION
Mobile devices, such as cellular phones and personal digital assistants (PDAs) have been growing in popularity for many years. Laptop computers have been popular for many years. Recently, wireless email access has been made available for laptop computers, cellular phones, and personal digital assistants. With wireless email access, a user may send and receive email remotely using a wireless Internet connection.
Enterprise users are potentially a huge market for wireless email access. Enterprises, such as large companies, have a high need for instant communication and commonly business is conducted via email. There are currently two broad categories of solutions for wireless remote email access. Both, however, cause significant problems for enterprises.
In the first scenario, an end-user purchases a wireless device to use in conjunction with a desktop computer. Wireless email redirector software is placed on the desktop. This software monitors mail that comes into the mail server destined for the user's mailbox, and then securely forwards it to his device. This solution, however, is not under control of the enterprise. For example, the enterprise may have internal policies that require the deletion of received email after 90 days. When the email is redirected to a wireless device, the enterprise can no longer ensure that the email is deleted after 90 days. Another drawback of this first scenario is that it only works for email. Furthermore, it requires that a desktop computer be left behind. This, however, is not possible for professionals who use a single laptop computer at the office and when they travel.
In the second scenario, an enterprise Information Technology (IT) manager selects and installs a solution for end-users. This entails either a dedicated mail server process or integration with a hosted Active Server Pages (ASP) service. A mail server, however, is a major IT project, possibly requiring a new dedicated forwarding server, an email server upgrade, and installation of other significant applications. For example, an email server using Microsoft™ approach requires the installation of ActiveDirectory and Exchange 2000 before installing their Mobile Information Server. It also is quite expensive. Furthermore, a hosted service may require a new supplier relationship. There also may need to be a complicated connection between the remote access provider and the wireless ASP service. Complex mail routing is required, introducing potential security risks. This solution also works only for email.
What is needed is a solution that allows an IT manager to prepare an organization for easy and secure wireless email access, with minimal investment of time or money.
BRIEF DESCRIPTION OF THE INVENTION
The present invention provides a solution in which a script containing general security parameters and access policies in a file is placed on an appropriate internal server. The location of the script may then be stored on an external server. When an end-user within the organization decides to purchase a wireless network device, he may attach it to his existing computer. The computer then may retrieve the security file location from the external server, retrieve the security file from the internal server using the security file location, and program the security file into the wireless device.
BRIEF DESCRIPTION OF THE DRAWINGS
The accompanying drawings, which are incorporated into and constitute a part of this specification, illustrate one or more embodiments of the present invention and, together with the detailed description, serve to explain the principles and implementations of the invention.
In the drawings:
FIG. 1 is a diagram illustrating a system in accordance with a specific embodiment of the present invention.
FIG. 2 is a diagram illustrating a system for accessing an enterprise in accordance with an embodiment of the present invention.
FIG. 3 is a flow diagram illustrating a method for configuring access from a wireless network device to an enterprise in accordance with an embodiment of the present invention.
FIG. 4 is a flow diagram illustrating a method for accessing an enterprise from a wireless network device using a computer, in accordance with an embodiment of the present invention.
FIG. 5 is a block diagram illustrating an apparatus for configuring access from a wireless network device to an enterprise in accordance with an embodiment of the present invention.
 DETAILED DESCRIPTION
Embodiments of the present invention are described herein in the context of a system of computers, servers, and software. Those of ordinary skill in the art will realize that the following detailed description of the present invention is illustrative only and is not intended to be in any way limiting. Other embodiments of the present invention will readily suggest themselves to such skilled persons having the benefit of this disclosure. Reference will now be made in detail to implementations of the present invention as illustrated in the accompanying drawings. The same reference indicators will be used throughout the drawings and the following detailed description to refer to the same or like parts.
In the interest of clarity, not all of the routine features of the implementations described herein are shown and described. It will, of course, be appreciated that in the development of any such actual implementation, numerous implementation-specific decisions must be made in order to achieve the developer's specific goals, such as compliance with application- and business-related constraints, and that these specific goals will vary from one implementation to another and from one developer to another. Moreover, it will be appreciated that such a development effort might be complex and time-consuming, but would nevertheless be a routine undertaking of engineering for those of ordinary skill in the art having the benefit of this disclosure.
In accordance with the present invention, the components, process steps, and/or data structures may be implemented using various types of operating systems, computing platforms, computer programs, and/or general purpose machines. In addition, those of ordinary skill in the art will recognize that devices of a less general purpose nature, such as hardwired devices, field programmable gate arrays (FPGAs), application specific integrated circuits (ASICs), or the like, may also be used without departing from the scope and spirit of the inventive concepts disclosed herein.
The present invention provides a solution in which a script containing general security parameters and access policies in a file is placed on an appropriate internal server. The location of the script may then be stored on an external server. When an end-user within the organization decides to purchase a wireless network device, he may attach it to his existing computer. The computer then may retrieve the security file location and/or the security file access protocol from the external server, retrieve the security file from the internal server using the security file location and/or the security file access protocol, and program the security file into the wireless device.
FIG. 1 is a diagram illustrating a system in accordance with a specific embodiment of the present invention. A person capable of understanding the remote access procedures and security parameters for an organization (for purposes of this application, known as an “IT manager”) may place a script containing general security parameters and access policies in a file on an appropriate internal server 100 using an IT computer 102. The file may have read-only access to prevent unauthorized changes. A “wizard” may be provided to simplify the creation of this configuration script. Many different types of servers may be used as an internal sever 100 including, but not limited to, file servers, database servers, or web servers.
The location of the script may then be stored on an external server 104. This server may be owned by any of a variety of companies. The location may be represented through a Microsoft UNC, Internet URL, and XQL database query or any other means appropriate to identify the server and file. Each file may be associated with an email domain that covers email addresses routed to the organization (e.g., “@company.com”). The security file access protocol may also be stored on the external sever 104.
Independently, an end-user within the organization may decide to purchase a wireless network device 106 that he desires to access email with. He may query the external server 104 to determine whether his email address is supported. If so, he may purchase the wireless network device and attach it to a laptop behind a firewall. At this time, if the email address is not supported, the operator of the external server may decide to support the email address by configuring the system to work with the email address. For example, the user may have email address of employee@company.com. If a previous employee with that company was configured to work with the system, then it may be that all employees with that company have been configured and all that is necessary is for the user to retrieve that configuration. However, if this is the first employee with that company to attempt access, the external server may configure that employee, at which point all employees with the email domain company.com will be configured.
The laptop 108 may then retrieve the security file location and/or security file access protocol from the server, retrieve the security file, and then program the security file into the wireless device, which has been coupled to the laptop. He also may then enter the remaining personal security parameters (e.g., personal account name and password). The device may now access the corporate network directly when outside the firewall, using these parameters. This solution allows any form of access to be configured: push messaging, enterprise-based instant messaging, intranet web browsing, intranet file access, intranet application access, virtual private network (VPN) access, VPN key distribution, etc.
FIG. 2 is a diagram illustrating a system for accessing an enterprise in accordance with an embodiment of the present invention. After the wireless device 200 has been configured, email access may be coordinated using a virtual private network (VPN) server 202 which allows access to an email server 204.
FIG. 3 is a flow diagram illustrating a method for configuring access from a wireless network device to an enterprise in accordance with an embodiment of the present invention. At 300, an email address may be received from a user having the wireless network device. This email address may then be checked against a database having domains currently supported by the enterprise to determine whether a security file exists. If one does not, the system may choose to deny the request for access or to create a security file unique to a domain covering the email address. At 302, a security file location and/or a security file access protocol may be retrieved from a server external to the enterprise. At 304, a security file may be retrieved from a server internal to the enterprise using the security file location and/or the security file access protocol. The server internal to the enterprise may be, for example, a web server, file server, database server, etc. At 306, the security file may be programmed into the wireless network device. At 308, any remaining security parameters may be forwarded to the wireless network device. At 310, communication may be received from the wireless network device to an access server internal to the enterprise, the communication sent using a configuration stored in the security file. The access server may be, for example, an email server, a push messaging server, an instant messaging server, an intranet web browsing server, an intranet file access server, and intranet application access server, a virtual private network (VPN) access server, a VPN key distribution server, etc.
FIG. 4 is a flow diagram illustrating a method for accessing an enterprise from a wireless network device using a computer, in accordance with an embodiment of the present invention. At 400, an email address from a user having the wireless network device may be sent to a server internal to the enterprise. This allows the server to verify whether a security file for the domain covering the user's email address exists, and if not, create one. At 402, a security file location and/or a security file access protocol may be retrieved from a server external to the enterprise. At 404, a security file may be retrieved from a server internal to the enterprise using the security file location and/or security file access protocol. The server internal to the enterprise may be, for example, a web server, file server, database server, etc. At 406, the wireless network device may be coupled to the computer. At 408, the security file may be programmed into the wireless network device. At 410, any remaining security parameters may be forwarded to the wireless network device. At 412, communication may be sent from the wireless network device to an access server internal to the enterprise, the communication sent using a configuration stored in the security file. The access server may be, for example, an email server, a push messaging server, an instant messaging server, an intranet web browsing server, an intranet file access server, and intranet application access server, a virtual private network (VPN) access server, a VPN key distribution server, etc.
FIG. 5 is a block diagram illustrating an apparatus for configuring access from a wireless network device to an enterprise in accordance with an embodiment of the present invention. A security file location external server retriever 500 may retrieve a security file location from a server external to the enterprise. A security file access protocol retriever 502 may retrieve a security file access protocol from the server external to the enterprise. A security file internal server retriever 504 coupled to the security file location external server retriever 500 and to the security file access protocol retriever 502 may retrieve a security file from a server internal to the enterprise using the security file location and/or the security file access protocol. The server internal to the enterprise may be, for example, a web server, file server, database server, etc. A security file wireless network device programmer 506 coupled to the security file internal server retriever 504 may program the security file into the wireless network device. A remaining security parameters wireless network device forwarder 508 coupled to the security file internal server retriever 504 may forward any remaining security parameters to the wireless network device.
While embodiments and applications of this invention have been shown and described, it would be apparent to those skilled in the art having the benefit of this disclosure that many more modifications than mentioned above are possible without departing from the inventive concepts herein. The invention, therefore, is not to be restricted except in the spirit of the appended claims.

Claims (46)

1. A method for configuring access from a wireless network device to an enterprise, comprising:
retrieving a security file location from a server external to the enterprise;
retrieving a security file from a server internal to the enterprise using said security file location;
programming said security file into the wireless network device; and
forwarding any remaining security parameters to the wireless network device.
2. The method of claim 1, further comprising:
retrieving a security file access protocol from said server external to the enterprise.
3. The method of claim 2, wherein said retrieving a security file further includes retrieving a security file from a server internal to the enterprise using said security file location and said security file access protocol.
4. The method of claim 1, further comprising:
receiving an email address from a user having the wireless network device; and
wherein said security file is unique to a domain covering said email address.
5. The method of claim 1, wherein said server internal to the enterprise is a web server.
6. The method of claim 1, wherein said server internal to the enterprise is a file server.
7. The method of claim 1, wherein said server internal to the enterprise is a database server.
8. The method of claim 1, further comprising:
receiving communication from said wireless network device to an access server internal to the enterprise, the communication sent using a configuration stored in said security file.
9. The method of claim 8, wherein said access server is an email server.
10. The method of claim 8, wherein said access server is a push messaging server.
11. The method of claim 8, wherein said access server is an instant messaging server.
12. The method of claim 8, wherein said access server is an intranet web browsing server.
13. The method of claim 8, wherein said access server is an intranet file access server.
14. The method of claim 8, wherein said access server is an intranet application access server.
15. The method of claim 8, wherein said access server is a virtual private network (VPN) access server.
16. The method of claim 8, wherein said access server is a VPN key distribution server.
17. A method for accessing an enterprise from a wireless network device by using a computer, comprising:
retrieving a security file location from a server external to the enterprise;
retrieving a security file from a server internal to the enterprise using said security file location;
coupling the wireless network device to the computer; and
programming said security file into the wireless network device.
18. The method of claim 17, further comprising:
retrieving a security file access protocol from said server external to the enterprise.
19. The method of claim 18, wherein said retrieving a security file further includes retrieving a security file from a server internal to the enterprise using said security file location and said security file access protocol.
20. The method of claim 17, further comprising:
forwarding any remaining security parameters to the wireless network device.
21. The method of claim 17, further comprising:
sending an email address from a user having the wireless network device to a server internal to the enterprise.
22. The method of claim 17, further comprising:
sending communication from the wireless network device to an access server internal to the enterprise, the communication sent using a configuration stored in said security file.
23. A computer system for configuring access from a wireless network device to an enterprise, comprising:
means for retrieving a security file location from a server external to the enterprise;
means for retrieving a security file from a server internal to the enterprise using said security file location;
means for programming said security file into the wireless network device; and
means for forwarding any remaining security parameters to the wireless network device.
24. The computer system of claim 23, further comprising: means for retrieving a security file access protocol from said server external to the enterprise.
25. The computer system of claim 24, wherein said means for retrieving a security file further includes means for retrieving a security file from a server internal to the enterprise using said security file location and said security file access protocol.
26. The computer system of claim 23, further comprising: means for receiving an email address from a user having the wireless network device; and means for wherein said security file is unique to a domain covering said email address.
27. The computer system of claim 23, wherein said server internal to the enterprise is a web server.
28. The computer system of claim 23, wherein said server internal to the enterprise is a file server.
29. The computer system of claim 23, wherein said server internal to the enterprise is a database server.
30. The computer system of claim 23, further comprising: means for receiving communication from said wireless network device to an access server internal to the enterprise, the communication sent using a configuration stored in said security file.
31. The computer system of claim 30, wherein said access server is an email server.
32. The computer system of claim 30, wherein said access server is a push messaging server.
33. The computer system of claim 30, wherein said access server is an instant messaging server.
34. The computer system of claim 30, wherein said access server is an intranet web browsing server.
35. The computer system of claim 30, wherein said access server is an intranet file access server.
36. The computer system of claim 30, wherein said access server is an intranet application access server.
37. The computer system of claim 30, wherein said access server is a virtual private network (VPN) access server.
38. The computer system of claim 30, wherein said access server is a VPN key distribution server.
39. A computer system for accessing an enterprise from a wireless network device by, comprising:
means for retrieving a security file location from a server external to the enterprise;
means for retrieving a security file from a server internal to the enterprise using said security file location;
means for coupling the wireless network device to a computer; and
means for programming said security file into the wireless network device.
40. The computer system of claim 39, further comprising: means for retrieving a security file access protocol from said server external to the enterprise.
41. The computer system of claim 40, wherein said means for retrieving a security file further includes means for retrieving a security file from a server internal to the enterprise using said security file location and said security file access protocol.
42. The computer system of claim 39, further comprising: means for forwarding any remaining security parameters to the wireless network device.
43. The computer system of claim 39, further comprising: means for sending an email address from a user having the wireless network device to a server internal to the enterprise.
44. The computer system of claim 39, further comprising: means for sending communication from the wireless network device to an access server internal to the enterprise, the communication sent using a configuration stored in said security file.
45. A program storage device readable by a machine, comprising a program of instructions executable by the machine to perform a method for configuring access from a wireless network device to an enterprise, the method comprising:
retrieving a security file location from a server external to the enterprise;
retrieving a security file from a server internal to the enterprise using said security file location;
programming said security file into the wireless network device; and
forwarding any remaining security parameters to the wireless network device.
46. A program storage device readable by a machine, comprising a program of instructions executable by the machine to perform a method for accessing an enterprise from a wireless network device by using a computer, the method comprising:
retrieving a security file location from a server external to the enterprise;
retrieving a security file from a server internal to the enterprise using said security file location;
coupling the wireless network device to the computer; and
programming said security file into the wireless network device.
US10/323,138 2002-12-17 2002-12-17 Enterprise access configuration Expired - Fee Related US7251823B2 (en)

Priority Applications (10)

Application Number Priority Date Filing Date Title
US10/323,138 US7251823B2 (en) 2002-12-17 2002-12-17 Enterprise access configuration
AT03782032T ATE358386T1 (en) 2002-12-17 2003-12-17 ENTERPRISE ACCESS CONFIGURATION PROCEDURES
ES03782032T ES2285222T3 (en) 2002-12-17 2003-12-17 CONFIGURATION OF ACCESS TO A COMPANY.
DE60312887T DE60312887T2 (en) 2002-12-17 2003-12-17 CORPORATE ACCESS CONFIGURATION METHOD
CNB2003801063328A CN100553252C (en) 2002-12-17 2003-12-17 Accessed enterprise equipment and method
EP03782032A EP1574006B1 (en) 2002-12-17 2003-12-17 Enterprise access configuration
CA002510023A CA2510023A1 (en) 2002-12-17 2003-12-17 Enterprise access configuration
PCT/CA2003/001964 WO2004056062A2 (en) 2002-12-17 2003-12-17 Enterprise access configuration
AU2003289783A AU2003289783A1 (en) 2002-12-17 2003-12-17 Enterprise access configuration
US11/888,218 US7827604B2 (en) 2002-12-17 2007-07-30 Enterprise access configuration

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US10/323,138 US7251823B2 (en) 2002-12-17 2002-12-17 Enterprise access configuration

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US11/888,218 Continuation US7827604B2 (en) 2002-12-17 2007-07-30 Enterprise access configuration

Publications (2)

Publication Number Publication Date
US20040117656A1 US20040117656A1 (en) 2004-06-17
US7251823B2 true US7251823B2 (en) 2007-07-31

Family

ID=32507308

Family Applications (2)

Application Number Title Priority Date Filing Date
US10/323,138 Expired - Fee Related US7251823B2 (en) 2002-12-17 2002-12-17 Enterprise access configuration
US11/888,218 Expired - Fee Related US7827604B2 (en) 2002-12-17 2007-07-30 Enterprise access configuration

Family Applications After (1)

Application Number Title Priority Date Filing Date
US11/888,218 Expired - Fee Related US7827604B2 (en) 2002-12-17 2007-07-30 Enterprise access configuration

Country Status (9)

Country Link
US (2) US7251823B2 (en)
EP (1) EP1574006B1 (en)
CN (1) CN100553252C (en)
AT (1) ATE358386T1 (en)
AU (1) AU2003289783A1 (en)
CA (1) CA2510023A1 (en)
DE (1) DE60312887T2 (en)
ES (1) ES2285222T3 (en)
WO (1) WO2004056062A2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060171380A1 (en) * 2005-02-03 2006-08-03 Chia Kevin M K Method and system for integrated communications with access control list, automatic notification and telephony services

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7890084B1 (en) * 2006-10-30 2011-02-15 Cellco Partnership Enterprise instant message aggregator
US8473743B2 (en) 2010-04-07 2013-06-25 Apple Inc. Mobile device management
US10331321B2 (en) 2015-06-07 2019-06-25 Apple Inc. Multiple device configuration application

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000031931A1 (en) 1998-11-24 2000-06-02 Telefonaktiebolaget Lm Ericsson (Publ) Method and system for securing data objects
US6286038B1 (en) * 1998-08-03 2001-09-04 Nortel Networks Limited Method and apparatus for remotely configuring a network device
US20010044903A1 (en) * 2000-05-12 2001-11-22 Sumitomo Heavy Industries, Ltd. Information access method and network system
US20020198969A1 (en) * 2001-06-25 2002-12-26 Engel Glenn R. Configuring network devices
US20040193695A1 (en) * 1999-11-10 2004-09-30 Randy Salo Secure remote access to enterprise networks

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7665125B2 (en) * 2002-09-23 2010-02-16 Heard Robert W System and method for distribution of security policies for mobile devices

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6286038B1 (en) * 1998-08-03 2001-09-04 Nortel Networks Limited Method and apparatus for remotely configuring a network device
WO2000031931A1 (en) 1998-11-24 2000-06-02 Telefonaktiebolaget Lm Ericsson (Publ) Method and system for securing data objects
US20040193695A1 (en) * 1999-11-10 2004-09-30 Randy Salo Secure remote access to enterprise networks
US20010044903A1 (en) * 2000-05-12 2001-11-22 Sumitomo Heavy Industries, Ltd. Information access method and network system
US20020198969A1 (en) * 2001-06-25 2002-12-26 Engel Glenn R. Configuring network devices

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
International Search Report, dated Jul. 15, 2004, PCT/CA03/01964.

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060171380A1 (en) * 2005-02-03 2006-08-03 Chia Kevin M K Method and system for integrated communications with access control list, automatic notification and telephony services

Also Published As

Publication number Publication date
EP1574006B1 (en) 2007-03-28
ES2285222T3 (en) 2007-11-16
WO2004056062A3 (en) 2004-08-26
DE60312887D1 (en) 2007-05-10
CN1726688A (en) 2006-01-25
AU2003289783A1 (en) 2004-07-09
EP1574006A2 (en) 2005-09-14
CA2510023A1 (en) 2004-07-01
US7827604B2 (en) 2010-11-02
CN100553252C (en) 2009-10-21
ATE358386T1 (en) 2007-04-15
US20080022366A1 (en) 2008-01-24
DE60312887T2 (en) 2007-12-06
US20040117656A1 (en) 2004-06-17
WO2004056062A2 (en) 2004-07-01

Similar Documents

Publication Publication Date Title
US10999282B2 (en) System and method for secure control of resources of wireless mobile communication devices
US10091127B2 (en) Enrolling a mobile device with an enterprise mobile device management environment
EP1523152B1 (en) Connector gateway
EP2012229B1 (en) Mobile provisioning tool system
US8041346B2 (en) Method and system for establishing a service relationship between a mobile communication device and a mobile data server for connecting to a wireless network
US9197668B2 (en) Access control to files based on source information
US20040073903A1 (en) Providing access to software over a network via keys
CA2693723C (en) Automatic license key injection
JP2003228519A (en) Method and architecture for providing pervasive security for digital asset
JP2003228520A (en) Method and system for offline access to secured electronic data
CA2372647A1 (en) System and method for administrating a wireless communication network
MXPA04002415A (en) Network zones.
US7827604B2 (en) Enterprise access configuration
US20040220996A1 (en) Multi-platform computer network and method of simplifying access to the multi-platform computer network
CA2632509C (en) A method and system for performing a software upgrade on an electronic device connected to a computer

Legal Events

Date Code Title Description
AS Assignment

Owner name: SIERRA WIRELESS, INC., CANADA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:TOSEY, JOSEPH PETER ROBERT;REEL/FRAME:013609/0877

Effective date: 20021216

STCF Information on status: patent grant

Free format text: PATENTED CASE

FPAY Fee payment

Year of fee payment: 4

FPAY Fee payment

Year of fee payment: 8

FEPP Fee payment procedure

Free format text: MAINTENANCE FEE REMINDER MAILED (ORIGINAL EVENT CODE: REM.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

LAPS Lapse for failure to pay maintenance fees

Free format text: PATENT EXPIRED FOR FAILURE TO PAY MAINTENANCE FEES (ORIGINAL EVENT CODE: EXP.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

STCH Information on status: patent discontinuation

Free format text: PATENT EXPIRED DUE TO NONPAYMENT OF MAINTENANCE FEES UNDER 37 CFR 1.362

FP Lapsed due to failure to pay maintenance fee

Effective date: 20190731